Updating CentOS 6.5 on DigitalOcean

Due to some security upgrades over at Stripe, the CentOS servers need to be updated so they can handle SHA-2 and TLS1.2. This turns out to be quite simple.

First, log in to the server and run:

yum check-update

This will list the updates that are available. It’s possible to select some or all of these for updating. For the sake of simplicity, I decided to update everything at once.

Before running the update, power down the droplet via putty:

sudo shutdown -h now

Now go to DigitalOcean and use their console to create a snapshot of the server. (FYI, it might take a moment for DO to register that the server is actually powered down.) This snapshot will be used for recovery in case anything goes sideways. Creating a snapshot can take from 15 to 30 minutes or more.

When the snapshot is completed, power up the server using the DO console. Now log in via Putty and run the following:

sudo yum -v update

This will take a few moments to finish. Note that I’ve added the ‘verbose’ option, so this will echo a lot of info about the process.

Once the update is completed, the server will need to be restarted. Follow the instructions in this post:

Now load up the app in a browser and make sure things are working properly.

In my case, I was doing this at the behest of Stripe: next I ran the script they provided to confirm the server is now capable of handling SHA-2 and TLS1.2. All is now good:-)